A notariat/config.yaml => notariat/config.yaml +13 -0
@@ 0,0 1,13 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: notariat-config
+ namespace: haproxy-controller
+data:
+ certificates: |
+ - secret: cert-wildcard.sr.ht
+ domains:
+ - "sr.ht"
+ - "*.sr.ht"
+ email: ch@bitfehler.net
+ tsigSecretName: tsigkey
A notariat/notariat.yaml => notariat/notariat.yaml +27 -0
@@ 0,0 1,27 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: notariat
+ namespace: haproxy-controller
+ labels:
+ app: notariat
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: notariat
+ template:
+ metadata:
+ labels:
+ app: notariat
+ spec:
+ # Account created for ingress controller, see there
+ serviceAccountName: haproxy-kubernetes-ingress
+ containers:
+ - name: notariat
+ image: registry.gensokyo:5000/notariat:0.0.0-2-a13ce3d
+ imagePullPolicy: Always
+ args:
+ - --config=notariat-config
+ - --acme=https://acme-v02.api.letsencrypt.org/directory
+